arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Fix the contact form.. using MAX(year) to do joins is completely useless.

Browse Source
This commit is contained in:
james 2012-02-29 19:13:14 +00:00
parent e6243d0ab9
commit 1d2755601a
1 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
contact.php
View File

@ -34,7 +34,7 @@
if($_POST['to'] && $_POST['subject'] && $_POST['message'] && $_POST['from'] && $_POST['fromemail']) {
if(isEmailAddress($_POST['fromemail'])) {
list($id,$md5email)=explode(":",$_POST['to']);
$q=mysql_query("SELECT * FROM users WHERE uid='$id' ORDER BY year DESC LIMIT 1");
$q=mysql_query("SELECT * FROM users WHERE uid='".mysql_real_escape_string($id)."' ORDER BY year DESC LIMIT 1");
$r=mysql_fetch_object($q);
//if a valid selection is made from the list, then this will always match.
if($md5email == md5($r->email)) {
@ -85,10 +85,18 @@ function tochange() {
/* Select everyone in this committee, attach the user data using MAX(year) so we only get the most recent
* user data */
$q2=mysql_query("SELECT committees_link.*,users.uid,MAX(users.year),users.firstname,users.lastname,users.email,users.deleted
FROM committees_link LEFT JOIN users ON users.uid = committees_link.users_uid
WHERE committees_id='{$r->id}'
GROUP BY users.uid ORDER BY ord,users.lastname ");
$q2=mysql_query("SELECT committees_link.*,
users.uid,
MAX(users.year) AS my,
users.firstname,
users.lastname,
users.email,
users.deleted
FROM committees_link
LEFT JOIN users ON users.uid = committees_link.users_uid
WHERE committees_id='{$r->id}'
GROUP BY users.uid
ORDER BY ord,users.lastname ");
//if there's nobody in this committee, then just skip it and go on to the next one.
if(mysql_num_rows($q2)==0)
@ -97,14 +105,15 @@ function tochange() {
echo "<option value=\"\">{$r->name}</option>\n";
echo mysql_error();
while($r2=mysql_fetch_object($q2))
{
if($r2->deleted != 'no') continue;
while($r2=mysql_fetch_object($q2)) {
$q3=mysql_query("SELECT firstname,lastname,email,deleted FROM users WHERE uid='$r2->uid' AND year='$r2->my'");
$r3=mysql_fetch_object($q3);
if($r3->deleted != 'no') continue;
if($r2->email) {
$name=$r2->firstname.' '.$r2->lastname;
if($r3->email) {
$name=$r3->firstname.' '.$r3->lastname;
if($r2->title) $titlestr=" ($r2->title)"; else $titlestr="";
echo "<option value=\"$r2->uid:".md5($r2->email)."\">&nbsp;&nbsp;-{$name}{$titlestr}</option>\n";
echo "<option value=\"$r2->uid:".md5($r3->email)."\">&nbsp;&nbsp;-{$name}{$titlestr}</option>\n";
}
}
}